]>
Pileus Git - ~andy/fetchmail/log
Matthias Andree [Sun, 23 Dec 2012 15:47:12 +0000 (16:47 +0100)]
Update for 6.3.24 release.
Matthias Andree [Sun, 23 Dec 2012 15:45:59 +0000 (16:45 +0100)]
Remove LSM-related stuff from the distribution.
IBiblio no longer accepts submissions, and considers itself an archive.
There is no point in our carrying forward any related material, if
needed for reference purposes, it can be fetched from older versions in
the Git repository.
Matthias Andree [Fri, 14 Dec 2012 00:33:17 +0000 (01:33 +0100)]
Fix version to 6.3.0.
Matthias Andree [Fri, 14 Dec 2012 00:03:49 +0000 (01:03 +0100)]
Complete Dominik's name.
Matthias Andree [Thu, 13 Dec 2012 22:44:37 +0000 (23:44 +0100)]
Plug a memory leak in OpenSSL's certificate verification callback.
This would affect fetchmail configurations running with SSL in daemon mode
more than one-shot runs.
Reported by Erik Thiele, and pinned by Dominik, Debian Bug #688015.
This bug was introduced into fetchmail 6.2.9 (committed 2005-10-29)
when support for subjectAltName was added through a patch by Roland
Stigge, submitted as Debian Bug#201113.
Matthias Andree [Thu, 13 Dec 2012 21:46:32 +0000 (22:46 +0100)]
Repair --logfile regression of 6.3.23,
reported by Heinz Diehl.
Matthias Andree [Mon, 10 Dec 2012 21:14:49 +0000 (22:14 +0100)]
Update for new release.
Matthias Andree [Mon, 10 Dec 2012 21:07:28 +0000 (22:07 +0100)]
Release 6.3.23.
Matthias Andree [Mon, 10 Dec 2012 20:57:50 +0000 (21:57 +0100)]
Pull in translation updates for 6.3.23,
dubbed 6.3.22.2 for translation purposes.
Matthias Andree [Wed, 5 Dec 2012 21:54:27 +0000 (22:54 +0100)]
Move forward to prepare a 6.3.23 release and request translation.
Matthias Andree [Wed, 5 Dec 2012 21:54:27 +0000 (22:54 +0100)]
Update German translation.
Matthias Andree [Tue, 6 Nov 2012 07:44:50 +0000 (08:44 +0100)]
Fix typo in R15, and clarify.
Matthias Andree [Tue, 6 Nov 2012 07:30:50 +0000 (08:30 +0100)]
Fix typo repsonsible -> responsible.
Matthias Andree [Sat, 13 Oct 2012 22:10:11 +0000 (00:10 +0200)]
Make Maillennium POP3 workarounds less specific,
to encompass Maillennium POP3/UNIBOX (Maillennium V05.00c++). Reported
by Eddie via fetchmail-users mailing list, 2012-10-13.
Matthias Andree [Sun, 23 Sep 2012 12:44:25 +0000 (14:44 +0200)]
Clean up logfile vs. syslog handling.
In case logfile overrides syslog, send a message to the latter stating
where logging goes. Also revise manual page.
Matthias Andree [Tue, 4 Sep 2012 20:55:55 +0000 (22:55 +0200)]
fix another typo, point one URL to CVE.
Matthias Andree [Tue, 4 Sep 2012 20:49:42 +0000 (22:49 +0200)]
Fix typo in CVE URLs that rendered two new links useless.
Matthias Andree [Mon, 3 Sep 2012 21:12:39 +0000 (23:12 +0200)]
Obsoletion warning.
Matthias Andree [Mon, 3 Sep 2012 21:08:53 +0000 (23:08 +0200)]
Mention Alexander's fix for -f - with --plugin.
Alexander Zangerl [Mon, 3 Sep 2012 21:07:47 +0000 (23:07 +0200)]
Fix: combination of --plugin and -f - fails
scenario: you want to remote-control fetchmail, but you don't want to write
passwords into files, so you feed fetchmail a minimal rcfile via stdin with -f
-. this by itself works fine. if you also want or need to use a --plugin (eg.
socat for socks), then things fail badly: the plugin is run without a stdin fd,
hence can't take input from fetchmail, lots of fun ensues. plugins without -f
- work fine, it's just the combination that fails.
explanation: the root cause is rcfile_y.y, line 493, which closes whatever fd
carried the rcfile. with -f - this closes fetchmail's stdin - and so far that's
unproblematic. however, in socket.c lines 166ff things go wrong: fetchmail
sets up the plugin with a socketpair, which will likely include the first
unused fd - and fd zero is now indeed unused. in line 180ff a dup2 replumbing
from "that fd" (=zero) to zero is performed - and then "that fd" is closed.
and hey presto, we've got no fd zero = stdin for the plugin.
solution: the simplest solution (patch attached) is to make the fclose of the
rcfile conditional, ie. don't close if it's stdin. in the long run the
dup2+close code might be made more robust by not doing a dup2+close if fd[0] is
already 0 or 1.
Matthias Andree [Mon, 3 Sep 2012 21:05:37 +0000 (23:05 +0200)]
Note Earl's regression fix for SSL_CTX_clear_options() on older OpenSSL.
Earl Chew [Mon, 3 Sep 2012 21:04:08 +0000 (23:04 +0200)]
Clear SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS without SSL_CTX_clear_options()
A patch to clear SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS was added recently:
http://gitorious.org/fetchmail/fetchmail/commit/
48809c5b9f6c9081f4031fa938dd63b060c18a4b ?format=patch
Older implementations of OpenSSL do not support SSL_CTX_clear_options().
This patch reworks the previous change to avoid the use of
SL_CTX_clear_options() and instead clears the corresponding bit in
SSL_OP_ALL before calling SSL_CTX_set_options().
Matthias Andree [Thu, 30 Aug 2012 06:17:53 +0000 (08:17 +0200)]
Update security info on web site.
Matthias Andree [Wed, 29 Aug 2012 23:03:08 +0000 (01:03 +0200)]
Update copyright and SecAnn' version.
Matthias Andree [Wed, 29 Aug 2012 21:36:40 +0000 (23:36 +0200)]
Update.
Matthias Andree [Wed, 29 Aug 2012 21:24:14 +0000 (23:24 +0200)]
Get ready for 6.3.22 release.
Matthias Andree [Mon, 20 Aug 2012 18:40:14 +0000 (20:40 +0200)]
Update translations and NEWS.
Matthias Andree [Fri, 17 Aug 2012 16:23:54 +0000 (18:23 +0200)]
Warn if SSL is disabled, suggest --with-ssl.
Matthias Andree [Fri, 17 Aug 2012 16:15:02 +0000 (18:15 +0200)]
Fix installation when PYTHON is enabled.
The Python-related Makefile.am parts were simplified to avoid an
automake 1.11.X bug around noinst_PYTHON, Automake Bug #10995.
http://lists.gnu.org/archive/html/automake-patches/2012-03/txtbYNp7SPawU.txt
Matthias Andree [Wed, 15 Aug 2012 21:41:03 +0000 (23:41 +0200)]
GSSAPI build fix.
The GSSAPI-related autoconf code now matches gssapi.c better, and uses
a different check to look for GSS_C_NT_HOSTBASED_SERVICE.
This fixes the GSSAPI-enabled build on NetBSD 6 Beta.
Matthias Andree [Wed, 15 Aug 2012 20:12:44 +0000 (22:12 +0200)]
Update translations.
Matthias Andree [Tue, 14 Aug 2012 23:19:47 +0000 (01:19 +0200)]
Correct title/topic, remove dates (6.3.22 isn't out yet), and re-sign.
Matthias Andree [Tue, 14 Aug 2012 20:53:04 +0000 (22:53 +0200)]
Fix compiler warnings.
Matthias Andree [Tue, 14 Aug 2012 20:52:46 +0000 (22:52 +0200)]
Fix compiler aliasing warning.
Matthias Andree [Tue, 14 Aug 2012 20:38:55 +0000 (22:38 +0200)]
Fix length argument to memset().
Matthias Andree [Tue, 14 Aug 2012 18:47:22 +0000 (20:47 +0200)]
Validate NTLM challenge fields.
This is to avoid reading from bad locations, and possibly conveying
confidential data. Credit to Nico Golde.
Matthias Andree [Tue, 14 Aug 2012 05:46:22 +0000 (07:46 +0200)]
Add CVE-Id and sign.
Matthias Andree [Mon, 13 Aug 2012 20:05:52 +0000 (22:05 +0200)]
reword
Matthias Andree [Mon, 13 Aug 2012 20:04:34 +0000 (22:04 +0200)]
Add new Swedish translation, by Göran Uddeborg.
Matthias Andree [Mon, 13 Aug 2012 19:27:37 +0000 (21:27 +0200)]
Fix advisory no. in header.
Matthias Andree [Mon, 13 Aug 2012 19:25:34 +0000 (21:25 +0200)]
Reformat, inserting blank line.
Matthias Andree [Mon, 13 Aug 2012 19:23:41 +0000 (21:23 +0200)]
Document fix for NTLM crash, + Security advisory (draft).
Matthias Andree [Mon, 13 Aug 2012 19:05:23 +0000 (21:05 +0200)]
Update German translation.
Matthias Andree [Mon, 13 Aug 2012 18:48:12 +0000 (20:48 +0200)]
Fix crash: Handle invalid base64 in NTLM challenge.
Some servers, for instance the MS Exchange servers deployed by the
US-American National Aeronautics and Space Administration (NASA),
aborted the NTLM protocol exchange after receiving the initial request.
Fetchmail did not detect that there was an error message, rather than
NTLM protocol exchange, and caught a segmentation fault while reading
from a bad location.
Detect base64 decoding errors, and return PS_AUTHFAIL in this case.
Reported by J[ames] Porter Clark.
Matthias Andree [Thu, 2 Aug 2012 18:35:32 +0000 (20:35 +0200)]
Document license change in CHANGES.
Matthias Andree [Thu, 31 May 2012 06:47:20 +0000 (08:47 +0200)]
Properly erase MD5Context in MD5Final.
Found by clang.
Sunil Shetye [Wed, 9 May 2012 08:10:12 +0000 (13:40 +0530)]
fetchmail workaround for a bug in Microsoft Exchange
treat missing header in response to a FETCH command as a transient error
(Reported by John Connett)
if there are too many transient errors, log it.
Matthias Andree [Fri, 6 Apr 2012 21:39:56 +0000 (23:39 +0200)]
Relicense security/errata notices as CC BY-ND 3.0.
Removing the NC/noncommercial clause, to ease redistribution.
Matthias Andree [Fri, 6 Apr 2012 21:20:34 +0000 (23:20 +0200)]
Add fetchmail-SA-2012-01.txt.
Matthias Andree [Fri, 6 Apr 2012 19:34:18 +0000 (21:34 +0200)]
Bump version to 6.3.22.
Matthias Andree [Fri, 6 Apr 2012 19:31:53 +0000 (21:31 +0200)]
Fix CVE-2011-3389 by clearing SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS...
...from SSL options, unless FETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE
is a non-empty environment variable.
Suggested by Apple.
Matthias Andree [Sun, 1 Apr 2012 13:33:49 +0000 (15:33 +0200)]
Validate XHTML 1.0 stuff even when skipping 1.1.
Matthias Andree [Tue, 22 Nov 2011 00:47:29 +0000 (01:47 +0100)]
Mention Zimbra FETCH () workaround by Mikulas Patocka
Mikulas Patocka [Fri, 18 Nov 2011 23:43:11 +0000 (18:43 -0500)]
fetchmail workaround for a bug in Zimbra
Zimbra occasionally returns this response:
fetchmail: IMAP> A0007 FETCH 1 RFC822.HEADER
fetchmail: IMAP< * 1 FETCH ()
fetchmail: IMAP< A0007 OK FETCH completed
It happens when there is a corrupted message without a header in the
database. (I don't know how this message could be created, I just see it
there).
When fetchmail encounters such resonse, it gives up and disconnects.
This patch changes it so that PS_TRANSIENT is returned in this
case and fetchmail continues to fetch following messages correctly.
Matthias Andree [Tue, 25 Oct 2011 22:30:32 +0000 (00:30 +0200)]
Fix build on SSLv2-disabled OpenSSL setups
On systems where SSLv2_client_method isn't defined in OpenSSL (such as newer
Debian, and Ubuntu starting with 11.10 oneiric ocelot), don't reference it (to
fix the build) and print a run-time error that the OS does not support SSLv2.
Fixes Debian Bug #622054, but note that that bug report has a more thorough
patch that does away with SSLv2 altogether.
Matthias Andree [Tue, 6 Sep 2011 19:10:38 +0000 (21:10 +0200)]
Mention that user@server must be unique.
Matthias Andree [Tue, 6 Sep 2011 19:08:16 +0000 (21:08 +0200)]
Add items.
Matthias Andree [Tue, 30 Aug 2011 16:15:15 +0000 (18:15 +0200)]
Print Server certificate: banner on stdout rather than stderr.
Reported by Henry Jensen, fixes Debian Bug #639807.
Matthias Andree [Sun, 21 Aug 2011 13:49:42 +0000 (15:49 +0200)]
Update website for 6.3.21.
Matthias Andree [Sun, 21 Aug 2011 13:16:27 +0000 (15:16 +0200)]
Import translations.
Matthias Andree [Sun, 21 Aug 2011 13:14:42 +0000 (15:14 +0200)]
Bump version to 6.3.21, mark release date.
Matthias Andree [Sun, 21 Aug 2011 09:55:05 +0000 (11:55 +0200)]
Mention rawlog.patch in NEWS.
Matthias Andree [Sun, 21 Aug 2011 13:08:54 +0000 (15:08 +0200)]
Drop obsolete file TODO-6.3.20.
Matthias Andree [Sun, 21 Aug 2011 13:07:48 +0000 (15:07 +0200)]
Critical fix: don't embed NUL in unterminated last IMAP line.
Found by Antoine Levitt.
Matthias Andree [Mon, 6 Jun 2011 22:26:37 +0000 (00:26 +0200)]
Revert SO_???TIMEO-based STARTTLS timeout handling.
This reverts commits
47c05b10018f5ec7493e4bd9f521aaa18d96f1e2
and
72ce8bce8dd655b6aefa33d0a74e883dad5202b5 , the code isn't portable,
for instance, Solaris does not support SO_RCVTIMEO/SO_SNDTIMEO.
These socket-level options are known, but Solaris returns EAFNOSUPPORT.
Reported by Jonathan Buschmann.
Conflicts:
NEWS
socket.c
Matthias Andree [Sun, 21 Aug 2011 09:55:05 +0000 (11:55 +0200)]
Add rawlog.patch.
Matthias Andree [Tue, 16 Aug 2011 15:37:09 +0000 (17:37 +0200)]
Drop vendor-sec@lst.de, defunct.
Thomas Jarosch [Tue, 2 Aug 2011 11:22:55 +0000 (13:22 +0200)]
Remove redundant double A_OTP check.
Matthias Andree [Fri, 17 Jun 2011 16:06:29 +0000 (18:06 +0200)]
Fix function signature to match prototype.
Found by Lars Hecking.
Matthias Andree [Mon, 6 Jun 2011 22:21:47 +0000 (00:21 +0200)]
Merge branch 'legacy_63' of gitorious.org:fetchmail/fetchmail into legacy_63
Matthias Andree [Mon, 6 Jun 2011 22:21:22 +0000 (00:21 +0200)]
Merge branch 'common-6x' into legacy_63
Matthias Andree [Mon, 6 Jun 2011 22:20:05 +0000 (00:20 +0200)]
Synch NEWS/CVE-2011-1947 with release 6.3.20 + Credit
Matthias Andree [Mon, 6 Jun 2011 22:07:07 +0000 (00:07 +0200)]
Merge branch 'common-6x' into legacy_63
Matthias Andree [Mon, 6 Jun 2011 12:33:07 +0000 (14:33 +0200)]
Update website.
Matthias Andree [Mon, 6 Jun 2011 12:32:42 +0000 (14:32 +0200)]
Sign SA 2011-01/CVE-2011-1947.
Matthias Andree [Mon, 6 Jun 2011 11:07:52 +0000 (13:07 +0200)]
Freeze strings for release.
Matthias Andree [Mon, 6 Jun 2011 11:07:43 +0000 (13:07 +0200)]
Fix one fuzzy translation.
Matthias Andree [Mon, 6 Jun 2011 11:07:25 +0000 (13:07 +0200)]
Finish for release.
Matthias Andree [Mon, 6 Jun 2011 11:06:58 +0000 (13:06 +0200)]
Bump version to 6.3.20.
Matthias Andree [Wed, 1 Jun 2011 08:52:50 +0000 (10:52 +0200)]
Credit Thomas Jarosch.
Matthias Andree [Tue, 31 May 2011 20:40:58 +0000 (22:40 +0200)]
Merge branch 'common-6x' into legacy_63
Conflicts:
NEWS
fetchmail-SA-2011-01.txt
Matthias Andree [Tue, 31 May 2011 20:39:36 +0000 (22:39 +0200)]
Add CVE name.
Matthias Andree [Mon, 30 May 2011 10:09:20 +0000 (12:09 +0200)]
Add fetchmail-SA-2011-01.txt
Matthias Andree [Mon, 30 May 2011 10:09:20 +0000 (12:09 +0200)]
Add fetchmail-SA-2011-01.txt
Matthias Andree [Mon, 30 May 2011 10:08:18 +0000 (12:08 +0200)]
Move 'KNOWN BUGS AND WORKAROUNDS' section up.
Matthias Andree [Mon, 30 May 2011 09:30:35 +0000 (11:30 +0200)]
Correct branch designation in Doxygen output.
Matthias Andree [Sun, 29 May 2011 17:33:44 +0000 (19:33 +0200)]
Get 6.3.20 change documentation fit for release.
Matthias Andree [Sun, 29 May 2011 17:20:03 +0000 (19:20 +0200)]
Bump version - hopefully final release candidate.
Matthias Andree [Sun, 29 May 2011 16:35:34 +0000 (18:35 +0200)]
Freeze updated .po files for -rc3.
Matthias Andree [Fri, 27 May 2011 18:45:37 +0000 (20:45 +0200)]
Merge branch 'common-6x' into legacy_63
Matthias Andree [Fri, 27 May 2011 18:45:29 +0000 (20:45 +0200)]
Bump copyright.
Matthias Andree [Thu, 26 May 2011 21:25:22 +0000 (23:25 +0200)]
Merge branch 'common-6x' into legacy_63
Conflicts:
po/de.po
Matthias Andree [Thu, 26 May 2011 00:06:39 +0000 (02:06 +0200)]
Bump automake requirement to 1.11, add dist-xz option.
Matthias Andree [Thu, 26 May 2011 20:24:52 +0000 (22:24 +0200)]
Drop FETCHMAIL_IMAP_DELETED_REMAINS_UNSEEN dud again.
Matthias Andree [Thu, 26 May 2011 12:48:49 +0000 (14:48 +0200)]
Drop revived but unneeded file.
Matthias Andree [Wed, 25 May 2011 23:46:19 +0000 (01:46 +0200)]
Update NEWS, mention STARTTLS timeout fix, ...
Swap bug fixes and changes. Mark Czech/French/German/Polish translations
updated. Mark strlen() optimization as a change, rather than a bug fix.
Matthias Andree [Wed, 25 May 2011 23:47:41 +0000 (01:47 +0200)]
Run S(TART)TLS negotiation under timeout alarm.
Reported missing by Thomas Jarosch.
Matthias Andree [Wed, 25 May 2011 23:47:11 +0000 (01:47 +0200)]
Fix missed disabling of alarm when SSL-wrapped connect failed.
Matthias Andree [Mon, 23 May 2011 18:44:55 +0000 (20:44 +0200)]
Update German translation.
Matthias Andree [Sun, 22 May 2011 21:14:01 +0000 (23:14 +0200)]
Handle socket errors on CAPABILITY probes.